Total vulnerabilities in the database
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.
| Software | From | Fixed in |
|---|---|---|
| cabextract_project / cabextract | - | 1.2.x |
| cabextract_project / cabextract | 1.1 | 1.1.x |
| cabextract_project / cabextract | 0.4 | 0.4.x |
| cabextract_project / cabextract | 0.5 | 0.5.x |
| cabextract_project / cabextract | 0.1 | 0.1.x |
| cabextract_project / cabextract | 0.3 | 0.3.x |
| cabextract_project / cabextract | 0.2 | 0.2.x |
| cabextract_project / cabextract | 0.6 | 0.6.x |
| cabextract_project / cabextract | 1.0 | 1.0.x |